Details of VAR-201803-1610

ID

VAR-201803-1610

CVE

CVE-2018-0193

TITLE

Cisco IOS XE In software OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-003513

DESCRIPTION

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities exist because the affected software does not sufficiently sanitize command arguments before passing commands to the Linux shell for execution. An attacker could exploit these vulnerabilities by submitting a malicious CLI command to the affected software. A successful exploit could allow the attacker to break from the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell on an affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCuz03145, CSCuz56419, CSCva31971, CSCvb09542. Cisco IOS XE The software includes OS A command injection vulnerability exists. Vendors have confirmed this vulnerability Bug ID CSCuz03145 , CSCuz56419 , CSCva31971 ,and CSCvb09542 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco IOSXESoftware is a set of operating systems developed by Cisco for its network devices. CLIparser is one of the command line command parsers. This may aid in further attacks

Trust: 2.52

sources: NVD: CVE-2018-0193 // JVNDB: JVNDB-2018-003513 // CNVD: CNVD-2018-08179 // BID: 103547 // VULHUB: VHN-118395

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-08179

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 1.4
vendor:	cisco	model:	ios xe	scope:	lt	version:	16.3.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2sg.5	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2sg.7	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2sg.3	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2sg.9	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2sg.8	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2xo.1	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2sg.4	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2xo	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2xo.0	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2sg.6	Trust: 0.6
vendor:	cisco	model:	ios xe software	scope:	eq	version:	16.2	Trust: 0.3
vendor:	cisco	model:	ios xe software	scope:	eq	version:	16.1	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	16.2	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	16.1.2	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	16.3(0)	Trust: 0.3
vendor:	cisco	model:	ios xe software	scope:	ne	version:	16.3.1	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	16.3.1	Trust: 0.3

sources: CNVD: CNVD-2018-08179 // BID: 103547 // JVNDB: JVNDB-2018-003513 // CNNVD: CNNVD-201803-1005 // NVD: CVE-2018-0193

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0193
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0193
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-08179
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201803-1005
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118395
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-0193
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-08179
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118395
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0193
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-08179 // VULHUB: VHN-118395 // JVNDB: JVNDB-2018-003513 // CNNVD: CNNVD-201803-1005 // NVD: CVE-2018-0193

PROBLEMTYPE DATA

problemtype:

CWE-78

Trust: 1.9

sources: VULHUB: VHN-118395 // JVNDB: JVNDB-2018-003513 // NVD: CVE-2018-0193

THREAT TYPE

local

Trust: 0.9

sources: BID: 103547 // CNNVD: CNNVD-201803-1005

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201803-1005

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-003513

PATCH

title:	cisco-sa-20180328-cmdinj	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-cmdinj	Trust: 0.8
title:	Patch for Cisco IOSXESoftwareCLI Parser Command Injection Vulnerability (CNVD-2018-08179)	url:	https://www.cnvd.org.cn/patchInfo/show/126879	Trust: 0.6
title:	Cisco IOS XE Software CLI Fixup for parser command injection vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79473	Trust: 0.6

sources: CNVD: CNVD-2018-08179 // JVNDB: JVNDB-2018-003513 // CNNVD: CNNVD-201803-1005

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0193	Trust: 3.4
db:	BID	id:	103547	Trust: 2.0
db:	JVNDB	id:	JVNDB-2018-003513	Trust: 0.8
db:	CNNVD	id:	CNNVD-201803-1005	Trust: 0.7
db:	CNVD	id:	CNVD-2018-08179	Trust: 0.6
db:	VULHUB	id:	VHN-118395	Trust: 0.1

sources: CNVD: CNVD-2018-08179 // VULHUB: VHN-118395 // BID: 103547 // JVNDB: JVNDB-2018-003513 // CNNVD: CNNVD-201803-1005 // NVD: CVE-2018-0193

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180328-cmdinj	Trust: 2.6
url:	http://www.securityfocus.com/bid/103547	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0193	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0193	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2018-08179 // VULHUB: VHN-118395 // BID: 103547 // JVNDB: JVNDB-2018-003513 // CNNVD: CNNVD-201803-1005 // NVD: CVE-2018-0193

CREDITS

Cisco.

Trust: 0.3

sources: BID: 103547

SOURCES

db:	CNVD	id:	CNVD-2018-08179
db:	VULHUB	id:	VHN-118395
db:	BID	id:	103547
db:	JVNDB	id:	JVNDB-2018-003513
db:	CNNVD	id:	CNNVD-201803-1005
db:	NVD	id:	CVE-2018-0193

LAST UPDATE DATE

2024-11-23T21:53:15.650000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-08179	date:	2018-04-24T00:00:00
db:	VULHUB	id:	VHN-118395	date:	2019-10-09T00:00:00
db:	BID	id:	103547	date:	2018-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-003513	date:	2018-05-25T00:00:00
db:	CNNVD	id:	CNNVD-201803-1005	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0193	date:	2024-11-21T03:37:42.023

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-08179	date:	2018-04-24T00:00:00
db:	VULHUB	id:	VHN-118395	date:	2018-03-28T00:00:00
db:	BID	id:	103547	date:	2018-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-003513	date:	2018-05-25T00:00:00
db:	CNNVD	id:	CNNVD-201803-1005	date:	2018-03-29T00:00:00
db:	NVD	id:	CVE-2018-0193	date:	2018-03-28T22:29:02.110